예제 #1
         if (preg_match('/^log_size.*_(.*)$/', $key, $matches)) {
             setOption($matches[1] . '_log_size', $value);
             setOption($matches[1] . '_log_mail', (int) isset($_POST['log_mail_' . $matches[1]]));
         }
     }
 }
 /*		 * * Gallery options ** */
 if (isset($_POST['savegalleryoptions'])) {
     $_zp_gallery->setAlbumPublish((int) isset($_POST['album_default']));
     $_zp_gallery->setImagePublish((int) isset($_POST['image_default']));
     setOption('AlbumThumbSelect', sanitize_numeric($_POST['thumbselector']));
     $_zp_gallery->setThumbSelectImages((int) isset($_POST['thumb_select_images']));
     $_zp_gallery->setSecondLevelThumbs((int) isset($_POST['multilevel_thumb_select_images']));
     $_zp_gallery->setTitle(process_language_string_save('gallery_title', 2));
     $_zp_gallery->setDesc(process_language_string_save('Gallery_description', EDITOR_SANITIZE_LEVEL));
     $_zp_gallery->setWebsiteTitle(process_language_string_save('website_title', 2));
     $web = sanitize($_POST['website_url'], 3);
     $_zp_gallery->setWebsiteURL($web);
     $_zp_gallery->setAlbumUseImagedate((int) isset($_POST['album_use_new_image_date']));
     $st = strtolower(sanitize($_POST['gallery_sorttype'], 3));
     if ($st == 'custom') {
         $st = strtolower(sanitize($_POST['customalbumsort'], 3));
     }
     $_zp_gallery->setSortType($st);
     if ($st == 'manual' || $st == 'random') {
         $_zp_gallery->setSortDirection(false);
     } else {
         $_zp_gallery->setSortDirection(isset($_POST['gallery_sortdirection']));
     }
     foreach ($_POST as $item => $value) {
         if (strpos($item, 'gallery-page_') === 0) {
예제 #2
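/**
 * Handles the save of a user/password pair posted from a credentials form.
 *
 * Reads the `password_enabled`, `user`, `pass`, `pass_r`, `disclose_password`
 * and `hint` fields (each with $suffix appended) from $_POST. Nothing is
 * stored unless `password_enabled` is posted with a truthy value.
 *
 * @param object|string $object either an object offering getUser(), setUser(),
 *                              setPassword() and setPasswordHint(), or an option
 *                              name prefix; with a prefix the values are stored via
 *                              setOption() as "<prefix>_user", "<prefix>_password"
 *                              and "<prefix>_hint"
 * @param string $suffix appended to every form field name that is read
 * @return string '' when the credentials were stored, '?mismatch=user' when the
 *                user name changed but no password was posted, '?mismatch' when
 *                the password and its confirmation differ
 */
function processCredentials($object, $suffix = '')
{
    $notify = '';
    if (isset($_POST['password_enabled' . $suffix]) && $_POST['password_enabled' . $suffix]) {
        $isObject = is_object($object);
        if ($isObject) {
            $olduser = $object->getUser();
        } else {
            $olduser = getOption($object . '_user');
        }
        // Raw password exactly as posted; used for the "was anything typed" checks.
        $rawpass = isset($_POST['pass' . $suffix]) ? $_POST['pass' . $suffix] : '';
        $newuser = trim(sanitize($_POST['user' . $suffix], 3));
        // NOTE(review): the password is filtered by sanitize() and trim() before it
        // is hashed, so the stored hash is that of the filtered value. Confirm that
        // the login path applies the same filtering.
        $pwd = trim(sanitize($rawpass));
        if (isset($_POST['disclose_password' . $suffix])) {
            // The password was shown in clear text, so there is no confirmation field.
            $pass2 = $pwd;
        } elseif (isset($_POST['pass_r' . $suffix])) {
            $pass2 = trim(sanitize($_POST['pass_r' . $suffix]));
        } else {
            $pass2 = '';
        }
        $fail = '';
        // The hash below is computed from the user name and the password together,
        // so a changed, non-empty user name is rejected unless a password comes with it.
        if ($olduser != $newuser) {
            if (!empty($newuser) && strlen($rawpass) == 0) {
                $fail = '?mismatch=user';
            }
        }
        // Strict comparison: with == PHP compares two numeric-looking strings as
        // numbers, so a confirmation such as '1e3' would be accepted for '1000'.
        if (!$fail && $pwd === $pass2) {
            if ($isObject) {
                $object->setUser($newuser);
            } else {
                setOption($object . '_user', $newuser);
            }
            if (empty($pwd)) {
                // Only clear the stored password when nothing at all was posted; a
                // value that merely filters down to empty leaves it untouched.
                if (strlen($rawpass) == 0) {
                    if ($isObject) {
                        $object->setPassword(NULL);
                    } else {
                        setOption($object . '_password', NULL);
                    }
                }
            } else {
                $hash = Zenphoto_Authority::passwordHash($newuser, $pwd);
                if ($isObject) {
                    $object->setPassword($hash);
                } else {
                    setOption($object . '_password', $hash);
                }
            }
        } else {
            if (empty($fail)) {
                $notify = '?mismatch';
            } else {
                $notify = $fail;
            }
        }
        // The hint is stored even when the credentials themselves were rejected.
        $hint = process_language_string_save('hint' . $suffix, 3);
        if ($isObject) {
            $object->setPasswordHint($hint);
        } else {
            setOption($object . '_hint', $hint);
        }
    }
    return $notify;
}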
예제 #3
 /**
  * Saves or renders the multilingual "extracontent" field of $obj.
  *
  * With $type 'save' the posted value is read at EDITOR_SANITIZE_LEVEL, passed
  * through zpFunctions::updateImageProcessorLink(), stored on $obj and saved.
  * With any other $type the edit control is rendered and returned as a string.
  * $instance and $field are not used here.
  *
  * @return string|null the rendered HTML, or NULL after a save
  */
 static function extracontent($obj, $instance, $field, $type)
 {
     if ($type != 'save') {
         // Capture what print_language_string_list() echoes instead of sending it out.
         ob_start();
         print_language_string_list($obj->getExtraContent('all'), 'extracontent', true, NULL, 'extracontent', '100%', 'zenpage_language_string_list', 13);
         return ob_get_clean();
     }
     $posted = process_language_string_save("extracontent", EDITOR_SANITIZE_LEVEL);
     $obj->setExtracontent(zpFunctions::updateImageProcessorLink($posted));
     $obj->save();
     return NULL;
 }
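/**
 * Updates a menu item set via POST.
 *
 * The posted `type` decides which fields supply the title and the link. When a
 * field required for that type is empty, an error paragraph is appended to
 * $reports and the function returns before touching the database.
 *
 * @param array $reports receives HTML status paragraphs (passed by reference)
 * @return array the item values read from the request: id, show, type, title,
 *               include_li, span_id, span_class and, unless an album was not
 *               selected... link
 */
function updateMenuItem(&$reports)
{
    $menuset = checkChosenMenuset();
    $result = array();
    $result['id'] = sanitize($_POST['id']);
    $result['show'] = getCheckboxState('show');
    $result['type'] = sanitize($_POST['type']);
    $result['title'] = process_language_string_save("title", 2);
    $result['include_li'] = getCheckboxState('include_li');
    if (getCheckboxState('span')) {
        $result['span_id'] = sanitize($_POST['span_id']);
        $result['span_class'] = sanitize($_POST['span_class']);
    } else {
        $result['span_id'] = '';
        $result['span_class'] = '';
    }
    // Wrappers shared by every error paragraph below.
    $errorOpen = "<p class = 'errorbox fade-message'>";
    $errorClose = " </p>";
    switch ($result['type']) {
        case 'album':
            $result['title'] = $result['link'] = sanitize($_POST['albumselect']);
            if (empty($result['link'])) {
                $reports[] = $errorOpen . gettext("You forgot to select an album.") . $errorClose;
                return $result;
            }
            break;
        case 'galleryindex':
        case 'zenpagenewsindex':
        case 'menulabel':
            // These types carry a title only.
            $result['title'] = process_language_string_save("title", 2);
            $result['link'] = NULL;
            if (empty($result['title'])) {
                $reports[] = $errorOpen . gettext("You forgot to give your menu item a <strong>title</strong>!") . $errorClose;
                return $result;
            }
            break;
        case 'zenpagepage':
            $result['title'] = NULL;
            $result['link'] = sanitize($_POST['pageselect']);
            if (empty($result['link'])) {
                $reports[] = $errorOpen . gettext("You forgot to give your menu item a <strong>link</strong>!") . $errorClose;
                return $result;
            }
            break;
        case 'zenpagecategory':
            $result['title'] = NULL;
            $result['link'] = sanitize($_POST['categoryselect']);
            if (empty($result['link'])) {
                $reports[] = $errorOpen . gettext("You forgot to give your menu item a <strong>link</strong>!") . $errorClose;
                return $result;
            }
            break;
        case 'custompage':
            $result['title'] = process_language_string_save("title", 2);
            $result['link'] = sanitize($_POST['custompageselect']);
            if (empty($result['title'])) {
                $reports[] = $errorOpen . gettext("You forgot to give your menu item a <strong>title</strong>!") . $errorClose;
                return $result;
            }
            break;
        case 'customlink':
            $result['title'] = process_language_string_save("title", 2);
            if (empty($result['title'])) {
                $reports[] = $errorOpen . gettext("You forgot to give your menu item a <strong>title</strong>!") . $errorClose;
                return $result;
            }
            $result['link'] = sanitize($_POST['link']);
            if (empty($result['link'])) {
                $reports[] = $errorOpen . gettext("You forgot to provide a <strong>function</strong>!") . $errorClose;
                return $result;
            }
            break;
        case 'menufunction':
        case 'html':
            // NOTE(review): the link of these types is read with sanitize level 4
            // and, going by the type names, holds a function call or raw HTML.
            // Confirm what level 4 filters and who is allowed to reach this form.
            $result['title'] = process_language_string_save("title", 2);
            if (empty($result['title'])) {
                $reports[] = $errorOpen . gettext("You forgot to give your menu item a <strong>title</strong>!") . $errorClose;
                return $result;
            }
            $result['link'] = sanitize($_POST['link'], 4);
            if (empty($result['link'])) {
                $reports[] = $errorOpen . gettext("You forgot to provide a <strong>function</strong>!") . $errorClose;
                return $result;
            }
            break;
        default:
            $result['link'] = sanitize($_POST['link'], 4);
            break;
    }
    // Update the item in the menu table. String values go through db_quote();
    // `id` and `include_li` are placed in the statement unquoted, so they are
    // forced to integers here: sanitize() alone does not guarantee a number and
    // the posted id would otherwise become part of the SQL text.
    $sql = "UPDATE " . prefix('menu') . " SET title = " . db_quote($result['title']) . ", link = " . db_quote($result['link']) . ", type = " . db_quote($result['type']) . ", `show` = " . db_quote($result['show']) . ", menuset = " . db_quote($menuset) . ", include_li = " . (int) $result['include_li'] . ", span_id = " . db_quote($result['span_id']) . ", span_class = " . db_quote($result['span_class']) . " WHERE `id` = " . (int) $result['id'];
    if (query($sql)) {
        if (isset($_POST['title']) && empty($result['title'])) {
            $reports[] = $errorOpen . gettext("You forgot to give your menu item a <strong>title</strong>!") . $errorClose;
        } elseif (isset($_POST['link']) && empty($result['link'])) {
            $reports[] = $errorOpen . gettext("You forgot to give your menu item a <strong>link</strong>!") . $errorClose;
        } else {
            $reports[] = "<p class = 'messagebox fade-message'>" . gettext("Menu item updated!") . " </p>";
        }
    }
    return $result;
}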
/**
 * Updates a category from the posted edit form.
 *
 * The title link is settled first (kept, taken from the form, or derived from
 * the title) and written to the database before the category object is loaded
 * by that link; the remaining fields are then set on the object and saved.
 *
 * @param array $reports receives HTML status paragraphs (passed by reference)
 * @return ZenpageCategory the category object that was saved
 */
function updateCategory(&$reports)
{
    $date = date('Y-m-d_H-i-s');
    // NOTE(review): $id is concatenated unquoted into the UPDATE below; this relies
    // on sanitize_numeric() always yielding a number. Confirm against its definition.
    $id = sanitize_numeric($_POST['id']);
    $permalink = getcheckboxState('permalink');
    $title = process_language_string_save("title", 2);
    // NOTE(review): the description is read with sanitize level 0; confirm what,
    // if anything, that level filters.
    $desc = process_language_string_save("desc", 0);
    $custom = process_language_string_save("custom_data", 1);
    $oldtitlelink = sanitize($_POST['titlelink-old'], 3);
    $titlelink = $oldtitlelink;
    if (getcheckboxState('edittitlelink')) {
        // Explicit edit: take the posted link, falling back to the title and
        // finally to the timestamp when that leaves nothing.
        $titlelink = sanitize($_POST['titlelink'], 3);
        if (empty($titlelink)) {
            $titlelink = seoFriendly(get_language_string($title));
        }
        if (empty($titlelink)) {
            $titlelink = seoFriendly($date);
        }
    } elseif (!$permalink) {
        // Not a permalink, so the link is allowed to follow the title.
        $fromTitle = seoFriendly(get_language_string($title));
        if (!empty($fromTitle)) {
            $titlelink = $fromTitle;
        }
    }
    $titleok = true;
    if ($titlelink == $oldtitlelink) {
        $titlelink = $oldtitlelink;
    } else {
        // A title link change must be reflected in the DB before any other updates.
        $titleok = query('UPDATE ' . prefix('news_categories') . ' SET `titlelink`=' . db_quote($titlelink) . ' WHERE `id`=' . $id, false);
        if (!$titleok) {
            // Fall back to the old link so the rest of the data still gets saved.
            $titlelink = $oldtitlelink;
        }
    }
    // Update the category itself.
    $show = getcheckboxState('show');
    $cat = new ZenpageCategory($titlelink);
    $notice = processPasswordSave($cat);
    $cat->setPermalink(getcheckboxState('permalink'));
    $cat->set('title', $title);
    $cat->setDesc($desc);
    $cat->setCustomData(zp_apply_filter('save_category_custom_data', $custom, $cat));
    $cat->setShow($show);
    if (getcheckboxState('resethitcounter')) {
        $cat->set('hitcounter', 0);
    }
    $msg = zp_apply_filter('update_category', '', $cat, $oldtitlelink);
    $cat->save();
    if (!$titleok) {
        $reports[] = "<p class='errorbox fade-message'>" . sprintf(gettext("A category with the title/titlelink <em>%s</em> already exists!"), html_encode($cat->getTitle())) . "</p>";
    } elseif (empty($titlelink) || empty($title)) {
        $reports[] = "<p class='errorbox fade-message'>" . gettext("You forgot to give your category a <strong>title or titlelink</strong>!") . "</p>";
    } elseif ($notice == 'user') {
        $reports[] = "<p class='errorbox fade-message'>" . gettext('You must supply a password for the Protected Category user') . '</p>';
    } elseif ($notice == 'pass') {
        $reports[] = "<p class='errorbox fade-message'>" . gettext('Your passwords were empty or did not match') . '</p>';
    } else {
        $reports[] = "<p class='messagebox fade-message'>" . gettext("Category updated!") . "</p>";
    }
    if ($msg) {
        $reports[] = $msg;
    }
    return $cat;
}
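/**
 * Updates or adds a category
 *
 * For a new category the title link is derived from the title (or from the
 * current timestamp when that is empty) and made unique. For an existing one
 * it is kept, taken from the form, or re-derived from the title, and a change
 * is written to the database before the category object is loaded.
 *
 * @param array $reports the results display; HTML status paragraphs are appended
 * @param bool $newcategory true if a new category
 * @return ZenpageCategory the category object that was saved
 */
function updateCategory(&$reports, $newcategory = false)
{
    $date = date('Y-m-d_H-i-s');
    // NOTE(review): $id is concatenated unquoted into the UPDATE below; this relies
    // on sanitize_numeric() always yielding a number. Confirm against its definition.
    $id = sanitize_numeric($_POST['id']);
    $permalink = getcheckboxState('permalink');
    $title = process_language_string_save("title", 2);
    $desc = process_language_string_save("desc", EDITOR_SANITIZE_LEVEL);
    $custom = process_language_string_save("custom_data", 1);
    if ($newcategory) {
        $titlelink = seoFriendly(get_language_string($title));
        if (empty($titlelink)) {
            $titlelink = seoFriendly($date);
        }
        $sql = 'SELECT `id` FROM ' . prefix('news_categories') . ' WHERE `titlelink`=' . db_quote($titlelink);
        $rslt = query_single_row($sql, false);
        if ($rslt) {
            // Already exists: append the current time to make the link unique.
            $time = explode(' ', microtime());
            $titlelink = $titlelink . '_' . ($time[1] + $time[0]);
            $reports[] = "<p class='warningbox fade-message'>" . gettext('Duplicate category title') . '</p>';
        }
        $oldtitlelink = $titlelink;
    } else {
        $titlelink = $oldtitlelink = sanitize($_POST['titlelink-old'], 3);
        if (getcheckboxState('edittitlelink')) {
            $titlelink = sanitize($_POST['titlelink'], 3);
            if (empty($titlelink)) {
                $titlelink = seoFriendly(get_language_string($title));
                if (empty($titlelink)) {
                    $titlelink = seoFriendly($date);
                }
            }
        } elseif (!$permalink) {
            // Not a permalink, so the link is allowed to follow the title.
            $link = seoFriendly(get_language_string($title));
            if (!empty($link)) {
                $titlelink = $link;
            }
        }
    }
    $titleok = true;
    if ($titlelink != $oldtitlelink) {
        // title link change must be reflected in DB before any other updates
        $titleok = query('UPDATE ' . prefix('news_categories') . ' SET `titlelink`=' . db_quote($titlelink) . ' WHERE `id`=' . $id, false);
        if (!$titleok) {
            // force old link so data gets saved
            $titlelink = $oldtitlelink;
        } else {
            SearchEngine::clearSearchCache();
        }
    }
    //update category
    $show = getcheckboxState('show');
    $cat = new ZenpageCategory($titlelink, true);
    $notice = processCredentials($cat);
    $cat->setPermalink(getcheckboxState('permalink'));
    $cat->set('title', $title);
    $cat->setDesc($desc);
    $cat->setCustomData(zp_apply_filter('save_category_custom_data', $custom, $cat));
    $cat->setShow($show);
    if (getcheckboxState('resethitcounter')) {
        $cat->set('hitcounter', 0);
    }
    if (getcheckboxState('reset_rating')) {
        $cat->set('total_value', 0);
        $cat->set('total_votes', 0);
        $cat->set('used_ips', 0);
    }
    if ($newcategory) {
        $msg = zp_apply_filter('new_category', '', $cat);
        // The title link is derived from the posted title; it is HTML-encoded
        // before being placed in the report markup, as the "already exists"
        // message below does for the title.
        if (empty($title)) {
            $reports[] = "<p class='errorbox fade-message'>" . sprintf(gettext("Category <em>%s</em> added but you need to give it a <strong>title</strong> before publishing!"), html_encode($titlelink)) . '</p>';
        } elseif ($notice == '?mismatch=user') {
            $reports[] = "<p class='errorbox fade-message'>" . gettext('You must supply a password for the Protected Category user') . '</p>';
        } elseif ($notice) {
            $reports[] = "<p class='errorbox fade-message'>" . gettext('Your passwords were empty or did not match') . '</p>';
        } else {
            $reports[] = "<p class='messagebox fade-message'>" . sprintf(gettext("Category <em>%s</em> added"), html_encode($titlelink)) . '</p>';
        }
    } else {
        $msg = zp_apply_filter('update_category', '', $cat, $oldtitlelink);
        if (!$titleok) {
            $reports[] = "<p class='errorbox fade-message'>" . sprintf(gettext("A category with the title/titlelink <em>%s</em> already exists!"), html_encode($cat->getTitle())) . "</p>";
        } elseif (empty($titlelink) or empty($title)) {
            $reports[] = "<p class='errorbox fade-message'>" . gettext("You forgot to give your category a <strong>title or titlelink</strong>!") . "</p>";
        } elseif ($notice == '?mismatch=user') {
            $reports[] = "<p class='errorbox fade-message'>" . gettext('You must supply a password for the Protected Category user') . '</p>';
        } elseif ($notice) {
            $reports[] = "<p class='errorbox fade-message'>" . gettext('Your passwords were empty or did not match') . '</p>';
        } else {
            $reports[] = "<p class='messagebox fade-message'>" . gettext("Category updated!") . "</p>";
        }
    }
    $cat->save();
    if ($msg) {
        $reports[] = $msg;
    }
    return $cat;
}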
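/**
 * Updates a menu item (custom link, custom page only) set via POST
 *
 * @param array $reports receives HTML status paragraphs (passed by reference)
 * @return array the item values read from the request: id, show, type, title,
 *               include_li, link, span_id and span_class
 */
function updateMenuItem(&$reports)
{
    $menuset = checkChosenMenuset();
    $result = array();
    $result['id'] = sanitize($_POST['id']);
    $result['show'] = getCheckboxState('show');
    $result['type'] = sanitize($_POST['type']);
    $result['title'] = process_language_string_save("title", 2);
    $result['include_li'] = getCheckboxState('include_li');
    if (isset($_POST['link'])) {
        // NOTE(review): the link is read with sanitize level 0; confirm what, if
        // anything, that level filters before the value is rendered in a menu.
        $result['link'] = sanitize($_POST['link'], 0);
    } else {
        $result['link'] = '';
    }
    if (getCheckboxState('span')) {
        $result['span_id'] = sanitize($_POST['span_id']);
        $result['span_class'] = sanitize($_POST['span_class']);
    } else {
        $result['span_id'] = '';
        $result['span_class'] = '';
    }
    // Update the item in the menu table. String values go through db_quote();
    // `id` and `include_li` are placed in the statement unquoted, so they are
    // forced to integers here: sanitize() alone does not guarantee a number and
    // the posted id would otherwise become part of the SQL text.
    $sql = "UPDATE " . prefix('menu') . " SET title = " . db_quote($result['title']) . ",link=" . db_quote($result['link']) . ",type=" . db_quote($result['type']) . ", `show`=" . db_quote($result['show']) . ",menuset=" . db_quote($menuset) . ",include_li=" . (int) $result['include_li'] . ",span_id=" . db_quote($result['span_id']) . ",span_class=" . db_quote($result['span_class']) . " WHERE `id`=" . (int) $result['id'];
    if (query($sql)) {
        if (isset($_POST['title']) && empty($result['title'])) {
            $reports[] = "<p class='errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>title</strong>!") . "</p>";
        } elseif (isset($_POST['link']) && empty($result['link'])) {
            $reports[] = "<p class='errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>link</strong>!") . "</p>";
        } else {
            $reports[] = "<p class='messagebox fade-message'>" . gettext("Menu item updated!") . "</p>";
        }
    }
    return $result;
}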
예제 #8
     $wmuse = $wmuse | WATERMARK_THUMB;
 }
 if (isset($_POST['wm_full-' . $i])) {
     $wmuse = $wmuse | WATERMARK_FULL;
 }
 $image->setWMUse($wmuse);
 $codeblock1 = sanitize($_POST['codeblock1-' . $i], 0);
 $codeblock2 = sanitize($_POST['codeblock2-' . $i], 0);
 $codeblock3 = sanitize($_POST['codeblock3-' . $i], 0);
 $codeblock = serialize(array("1" => $codeblock1, "2" => $codeblock2, "3" => $codeblock3));
 $image->setCodeblock($codeblock);
 if (isset($_POST[$i . '-owner'])) {
     $image->setOwner(sanitize($_POST[$i . '-owner']));
 }
 $image->set('filesize', filesize($image->localpath));
 $custom = process_language_string_save("{$i}-custom_data", 1);
 $image->setCustomData(zp_apply_filter('save_image_custom_data', $custom, $i));
 zp_apply_filter('save_image_utilities_data', $image, $i);
 $image->save();
 // Process move/copy/rename
 if ($movecopyrename_action == 'move') {
     $dest = trim(sanitize_path($_POST[$i . '-albumselect'], 3));
     if ($dest && $dest != $folder) {
         if ($e = $image->moveImage($dest)) {
             $notify = "&mcrerr=" . $e;
         }
     } else {
         // Cannot move image to same album.
         $notify = "&mcrerr=2";
     }
 } else {
예제 #9
 /*** Plugin Options ***/
 if (isset($_POST['savepluginoptions'])) {
     // all plugin options are handled by the custom option code.
     $returntab = "&tab=plugin";
 }
 /*** custom options ***/
 if (!$themeswitch) {
     // was really a save.
     foreach ($_POST as $postkey => $value) {
         if (preg_match('/^' . CUSTOM_OPTION_PREFIX . '/', $postkey)) {
             // custom option!
             $key = substr($postkey, strpos($postkey, '-') + 1);
             $switch = substr($postkey, strlen(CUSTOM_OPTION_PREFIX), -strlen($key) - 1);
             switch ($switch) {
                 case 'text':
                     $value = process_language_string_save($key, 1);
                     break;
                 case 'chkbox':
                     if (isset($_POST[$key])) {
                         $value = 1;
                     } else {
                         $value = 0;
                     }
                     break;
                 default:
                     if (isset($_POST[$key])) {
                         $value = sanitize($_POST[$key], 1);
                     } else {
                         $value = '';
                     }
                     break;
예제 #10
     $key = postIndexDecode($key);
     if (substr($key, 0, $l) == $tagsprefix) {
         if ($value) {
             $tags[] = substr($key, $l);
         }
     }
 }
 $tags = array_unique($tags);
 $image->setTags(sanitize($tags, 3));
 $image->setDateTime(strip($_POST["{$i}-date"]));
 $image->setShow(isset($_POST["{$i}-Visible"]));
 $image->setCommentsAllowed(strip($_POST["{$i}-allowcomments"]));
 if (isset($_POST["{$i}-reset_hitcounter"])) {
     $image->set('hitcounter', 0);
 }
 $image->setCustomData(process_language_string_save("{$i}-custom_data", 1));
 $image->save();
 // Process move/copy/rename
 if ($movecopyrename_action == 'move') {
     $dest = sanitize_path($_POST[$i . '-albumselect'], 3);
     if ($dest && $dest != $folder) {
         if (!$image->moveImage($dest)) {
             $notify = "&mcrerr=1";
         }
     } else {
         // Cannot move image to same album.
     }
 } else {
     if ($movecopyrename_action == 'copy') {
         $dest = sanitize_path($_POST[$i . '-albumselect'], 2);
         if ($dest && $dest != $folder) {
예제 #11
 } else {
     $movecopyrename_action = '';
 }
 if ($movecopyrename_action == 'delete') {
     unset($single);
     $image->remove();
 } else {
     if (isset($_POST[$i . '-reset_rating'])) {
         $image->set('total_value', 0);
         $image->set('total_votes', 0);
         $image->set('used_ips', 0);
     }
     $pubdate = $image->setPublishDate(sanitize($_POST['publishdate-' . $i]));
     $image->setExpireDate(sanitize($_POST['expirationdate-' . $i]));
     $image->setTitle(process_language_string_save("{$i}-title", 2));
     $image->setDesc(process_language_string_save("{$i}-desc", EDITOR_SANITIZE_LEVEL));
     if (isset($_POST[$i . '-oldrotation']) && isset($_POST[$i . '-rotation'])) {
         $oldrotation = (int) $_POST[$i . '-oldrotation'];
         $rotation = (int) $_POST[$i . '-rotation'];
         if ($rotation != $oldrotation) {
             $image->set('rotation', $rotation);
             $image->updateDimensions();
             $album = $image->getAlbum();
             Gallery::clearCache($album->name);
         }
     }
     $image->setCommentsAllowed(isset($_POST["{$i}-allowcomments"]));
     if (isset($_POST["reset_hitcounter{$i}"])) {
         $image->set('hitcounter', 0);
     }
     $image->set('filesize', filesize($image->localpath));
예제 #12
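/**
 * Processes the posted album edit form for one album.
 *
 * Copies the posted fields onto $album, saves it, and then carries out the
 * requested delete, move, copy or rename action, if any.
 *
 * @param int $index the index of the entry in mass edit or 0 if single album;
 *                   a non-zero index is used as "<index>-" field name prefix
 * @param object $album the album object
 * @param string $redirectto set to NULL on entry; set to the new location after
 *                           a successful delete, move or rename so the page
 *                           refresh can be redirected
 * @return string '' on success, otherwise an error flag for the query string:
 *                '&mismatch=user', '&mismatch=album' or '&mcrerr=<code>'
 * @since 1.1.3
 */
function processAlbumEdit($index, $album, &$redirectto)
{
    global $gallery;
    $redirectto = NULL;
    // no redirection required
    if ($index == 0) {
        $prefix = '';
    } else {
        $prefix = "{$index}-";
    }
    $tagsprefix = 'tags_' . $prefix;
    $notify = '';
    $album->setTitle(process_language_string_save($prefix . 'albumtitle', 2));
    // NOTE(review): the description is read with sanitize level 0; confirm what,
    // if anything, that level filters.
    $album->setDesc(process_language_string_save($prefix . 'albumdesc', 0));
    // Every truthy POST field whose decoded name starts with the tags prefix
    // names one tag; the tag is the remainder of the field name.
    $tags = array();
    $l = strlen($tagsprefix);
    foreach ($_POST as $key => $value) {
        $key = postIndexDecode($key);
        if (substr($key, 0, $l) == $tagsprefix) {
            if ($value) {
                $tags[] = substr($key, $l);
            }
        }
    }
    $tags = array_unique($tags);
    // NOTE(review): the tag names come from POST field names and are handed to
    // setTags() without sanitize(); confirm that setTags() or the output side
    // handles them.
    $album->setTags($tags);
    $album->setDateTime(sanitize($_POST[$prefix . "albumdate"]));
    $album->setLocation(process_language_string_save($prefix . 'albumlocation', 3));
    if (isset($_POST[$prefix . 'thumb'])) {
        $album->setAlbumThumb(sanitize($_POST[$prefix . 'thumb']));
    }
    $album->setShow(isset($_POST[$prefix . 'Published']));
    $album->setCommentsAllowed(isset($_POST[$prefix . 'allowcomments']));
    // Image sort order; 'manual' and 'random' have no direction.
    $sorttype = strtolower(sanitize($_POST[$prefix . 'sortby'], 3));
    if ($sorttype == 'custom') {
        $sorttype = unquote(strtolower(sanitize($_POST[$prefix . 'customimagesort'], 3)));
    }
    $album->setSortType($sorttype);
    if ($sorttype == 'manual' || $sorttype == 'random') {
        $album->setSortDirection('image', 0);
    } else {
        if (empty($sorttype)) {
            $direction = 0;
        } else {
            $direction = isset($_POST[$prefix . 'image_sortdirection']);
        }
        $album->setSortDirection('image', $direction);
    }
    // Sub-album sort order, handled the same way.
    $sorttype = strtolower(sanitize($_POST[$prefix . 'subalbumsortby'], 3));
    if ($sorttype == 'custom') {
        $sorttype = strtolower(sanitize($_POST[$prefix . 'customalbumsort'], 3));
    }
    $album->setSubalbumSortType($sorttype);
    if ($sorttype == 'manual' || $sorttype == 'random') {
        $album->setSortDirection('album', 0);
    } else {
        $album->setSortDirection('album', isset($_POST[$prefix . 'album_sortdirection']));
    }
    if (isset($_POST[$prefix . 'reset_hitcounter'])) {
        $album->set('hitcounter', 0);
    }
    if (isset($_POST[$prefix . 'reset_rating'])) {
        $album->set('total_value', 0);
        $album->set('total_votes', 0);
        $album->set('used_ips', 0);
    }
    $fail = '';
    if (sanitize($_POST[$prefix . 'password_enabled'])) {
        // Raw password fields exactly as posted; a missing field counts as empty.
        $rawpass = isset($_POST[$prefix . 'albumpass']) ? $_POST[$prefix . 'albumpass'] : '';
        $rawpass2 = isset($_POST[$prefix . 'albumpass_2']) ? $_POST[$prefix . 'albumpass_2'] : '';
        $olduser = $album->getUser();
        $newuser = sanitize($_POST[$prefix . 'albumuser']);
        $pwd = trim(sanitize($rawpass));
        if ($olduser != $newuser) {
            // A changed, non-empty user name needs a password. (The original
            // condition also tested an undefined $pwd2, which was always empty.)
            if (!empty($newuser) && empty($pwd)) {
                $fail = '&mismatch=user';
            }
        }
        // Strict comparison: with == PHP compares two numeric-looking strings as
        // numbers, so a confirmation such as '1e3' would be accepted for '1000'.
        if (!$fail && $rawpass === $rawpass2) {
            $album->setUser($newuser);
            if (empty($pwd)) {
                if (empty($rawpass)) {
                    // clear the album password
                    $album->setPassword(NULL);
                }
            } else {
                // NOTE(review): the password is passed on as entered; confirm that
                // setPassword() hashes it before it is stored.
                $album->setPassword($pwd);
            }
        } else {
            if (empty($fail)) {
                $notify = '&mismatch=album';
            } else {
                $notify = $fail;
            }
        }
    }
    $oldtheme = $album->getAlbumTheme();
    if (isset($_POST[$prefix . 'album_theme'])) {
        $newtheme = sanitize($_POST[$prefix . 'album_theme']);
        if ($oldtheme != $newtheme) {
            $album->setAlbumTheme($newtheme);
        }
    }
    $album->setPasswordHint(process_language_string_save($prefix . 'albumpass_hint', 3));
    if (isset($_POST[$prefix . 'album_watermark'])) {
        $album->setWatermark(sanitize($_POST[$prefix . 'album_watermark'], 3));
        $album->setWatermarkThumb(sanitize($_POST[$prefix . 'album_watermark_thumb'], 3));
    }
    // The three code blocks are read with sanitize level 0 and stored together as
    // one serialized array.
    // NOTE(review): confirm that the reader of this value only ever unserializes
    // what this function wrote, and who is allowed to post code blocks.
    $codeblock1 = sanitize($_POST[$prefix . 'codeblock1'], 0);
    $codeblock2 = sanitize($_POST[$prefix . 'codeblock2'], 0);
    $codeblock3 = sanitize($_POST[$prefix . 'codeblock3'], 0);
    $codeblock = serialize(array("1" => $codeblock1, "2" => $codeblock2, "3" => $codeblock3));
    $album->setCodeblock($codeblock);
    // NOTE(review): with a non-empty prefix this field name becomes "<index>--owner";
    // confirm it matches the form.
    if (isset($_POST[$prefix . '-owner'])) {
        $album->setOwner(sanitize($_POST[$prefix . '-owner']));
    }
    $custom = process_language_string_save($prefix . 'album_custom_data', 1);
    $album->setCustomData(zp_apply_filter('save_album_custom_data', $custom, $prefix));
    zp_apply_filter('save_album_utilities_data', $album, $prefix);
    $album->save();
    // Move/Copy/Rename the album after saving.
    $movecopyrename_action = '';
    if (isset($_POST['a-' . $prefix . 'MoveCopyRename'])) {
        $movecopyrename_action = sanitize($_POST['a-' . $prefix . 'MoveCopyRename'], 3);
    }
    if ($movecopyrename_action == 'delete') {
        // Redirect to the parent album once the album itself is gone.
        $dest = dirname($album->name);
        if ($album->remove()) {
            if ($dest == '/' || $dest == '.') {
                $dest = '';
            }
            $redirectto = $dest;
        } else {
            $notify = "&mcrerr=7";
        }
    }
    if ($movecopyrename_action == 'move') {
        $dest = trim(sanitize_path($_POST['a' . $prefix . '-albumselect'], 3));
        // Append the album name.
        $dest = ($dest ? $dest . '/' : '') . (strpos($album->name, '/') === FALSE ? $album->name : basename($album->name));
        if ($dest && $dest != $album->name) {
            if ($album->isDynamic()) {
                // be sure there is a .alb suffix
                if (substr($dest, -4) != '.alb') {
                    $dest .= '.alb';
                }
            }
            if ($e = $album->moveAlbum($dest)) {
                $notify = "&mcrerr=" . $e;
            } else {
                $redirectto = $dest;
            }
        } else {
            // Cannot move album to same album.
            $notify = "&mcrerr=3";
        }
    } elseif ($movecopyrename_action == 'copy') {
        // NOTE(review): unlike move and rename, sanitize_path() is called here
        // without a level argument; confirm its default is equally strict.
        $dest = trim(sanitize_path($_POST['a' . $prefix . '-albumselect']));
        if ($dest && $dest != $album->name) {
            if ($e = $album->copy($dest)) {
                $notify = "&mcrerr=" . $e;
            }
        } else {
            // Cannot copy album to existing album.
            // Or, copy with rename?
            $notify = '&mcrerr=3';
        }
    } elseif ($movecopyrename_action == 'rename') {
        $renameto = trim(sanitize_path($_POST['a' . $prefix . '-renameto'], 3));
        // A rename stays within the current parent: path separators are dropped
        // from the new name and the parent folder is prepended again.
        $renameto = str_replace(array('/', '\\'), '', $renameto);
        if (dirname($album->name) != '.') {
            $renameto = dirname($album->name) . '/' . $renameto;
        }
        if ($renameto != $album->name) {
            if ($album->isDynamic()) {
                // be sure there is a .alb suffix
                if (substr($renameto, -4) != '.alb') {
                    $renameto .= '.alb';
                }
            }
            if ($e = $album->rename($renameto)) {
                $notify = "&mcrerr=" . $e;
            } else {
                $redirectto = $renameto;
            }
        } else {
            $notify = "&mcrerr=3";
        }
    }
    return $notify;
}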
예제 #13
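/**
 * Applies the posted album edit form to an album object and saves it.
 *
 * Reads the fields for one album straight from $_POST (in mass edit every field
 * name carries an "<index>-" prefix), updates the album, saves it, and then
 * performs an optional move, copy or rename.
 *
 * This function does no permission or request-origin (CSRF) checking of its
 * own; nothing in it shows where that happens, so the caller has to have done
 * it before the album is touched.
 *
 * @param int $index the index of the entry in mass edit or 0 if single album
 * @param object $album the album object
 * @return string query-string fragment: '&mismatch=...' when the user/password
 *                change was rejected, with '&mcrerr=1' appended when a
 *                move/copy/rename failed; empty string when nothing went wrong
 * @since 1.1.3
 */
function processAlbumEdit($index, $album)
{
    if ($index == 0) {
        $prefix = '';
    } else {
        $prefix = "{$index}-";
    }
    $tagsprefix = 'tags_' . $prefix;
    $notify = '';
    $album->setTitle(process_language_string_save($prefix . 'albumtitle', 2));
    $album->setDesc(process_language_string_save($prefix . 'albumdesc', 1));
    // Up to four free-text "new tag" inputs; each is removed from $_POST once read
    // so the key scan below does not pick it up a second time.
    $tags = array();
    for ($i = 0; $i < 4; $i++) {
        if (isset($_POST[$tagsprefix . 'new_tag_value_' . $i])) {
            $tag = trim(strip($_POST[$tagsprefix . 'new_tag_value_' . $i]));
            unset($_POST[$tagsprefix . 'new_tag_value_' . $i]);
            if (!empty($tag)) {
                $tags[] = $tag;
            }
        }
    }
    // Existing tags arrive as POST keys: a truthy "tags_<prefix><tag>" selects <tag>.
    // NOTE(review): the tag text is taken from the decoded key and does not pass
    // through strip()/sanitize() here; confirm setTags() or the output layer
    // neutralises markup.
    $l = strlen($tagsprefix);
    foreach ($_POST as $key => $value) {
        $key = postIndexDecode($key);
        if (substr($key, 0, $l) == $tagsprefix) {
            if ($value) {
                $tags[] = substr($key, $l);
            }
        }
    }
    $tags = array_unique($tags);
    $album->setTags($tags);
    $album->setDateTime(strip($_POST[$prefix . "albumdate"]));
    $album->setPlace(process_language_string_save($prefix . 'albumplace', 3));
    if (isset($_POST[$prefix . 'thumb'])) {
        $album->setAlbumThumb(strip($_POST[$prefix . 'thumb']));
    }
    $album->setShow(isset($_POST[$prefix . 'Published']));
    $album->setCommentsAllowed(isset($_POST[$prefix . 'allowcomments']));
    // Image sort order: 'custom' defers to the free-text custom sort field.
    $sorttype = strtolower(sanitize($_POST[$prefix . 'sortby'], 3));
    if ($sorttype == 'custom') {
        $sorttype = strtolower(sanitize($_POST[$prefix . 'customimagesort'], 3));
    }
    $album->setSortType($sorttype);
    if ($sorttype == 'manual') {
        $album->setSortDirection('image', 0);
    } else {
        if (empty($sorttype)) {
            $direction = 0;
        } else {
            $direction = isset($_POST[$prefix . 'image_sortdirection']);
        }
        $album->setSortDirection('image', $direction);
    }
    // Sub-album sort order, same scheme as above.
    $sorttype = strtolower(sanitize($_POST[$prefix . 'subalbumsortby'], 3));
    if ($sorttype == 'custom') {
        $sorttype = strtolower(sanitize($_POST[$prefix . 'customalbumsort'], 3));
    }
    $album->setSubalbumSortType($sorttype);
    if ($sorttype == 'manual') {
        $album->setSortDirection('album', 0);
    } else {
        $album->setSortDirection('album', isset($_POST[$prefix . 'album_sortdirection']));
    }
    if (isset($_POST[$prefix . 'reset_hitcounter'])) {
        $album->set('hitcounter', 0);
    }
    if (isset($_POST[$prefix . 'reset_rating'])) {
        $album->set('total_value', 0);
        $album->set('total_votes', 0);
        $album->set('used_ips', 0);
    }
    $olduser = $album->getUser();
    // NOTE(review): unlike the fields above, the album user is stored exactly as
    // posted (no strip()/sanitize()); confirm setUser() or every place that
    // prints it escapes the value.
    $newuser = $_POST[$prefix . 'albumuser'];
    $pwd = trim($_POST[$prefix . 'albumpass']);
    $fail = '';
    if ($olduser != $newuser) {
        // Strict string comparison: with == PHP compares two numeric-looking
        // strings as numbers, so "1e3" and "1000" would count as the same password.
        if ($pwd !== (string) $_POST[$prefix . 'albumpass_2']) {
            $pwd2 = trim($_POST[$prefix . 'albumpass_2']);
            $_POST[$prefix . 'albumpass'] = $pwd;
            // invalidate password, user changed without password being set
            if (!empty($newuser) && empty($pwd) && empty($pwd2)) {
                $fail = '&mismatch=user';
            }
        }
    }
    // Password and confirmation must be the same string (cast so a missing field
    // still equals an empty one, as it did under the loose comparison).
    $pass1 = (string) $_POST[$prefix . 'albumpass'];
    $pass2 = (string) $_POST[$prefix . 'albumpass_2'];
    if ($pass1 === $pass2) {
        $album->setUser($newuser);
        if (empty($pwd)) {
            if (empty($_POST[$prefix . 'albumpass'])) {
                $album->setPassword(NULL);
                // clear the album password
            }
        } else {
            // NOTE(review): the plaintext is handed to setPassword(); confirm it is
            // hashed there before being stored.
            $album->setPassword($pwd);
        }
    } else {
        if (empty($fail)) {
            $notify = '&mismatch=album';
        } else {
            $notify = $fail;
        }
    }
    $oldtheme = $album->getAlbumTheme();
    if (isset($_POST[$prefix . 'album_theme'])) {
        $newtheme = strip($_POST[$prefix . 'album_theme']);
        if ($oldtheme != $newtheme) {
            $album->setAlbumTheme($newtheme);
        }
    }
    $album->setPasswordHint(process_language_string_save($prefix . 'albumpass_hint', 3));
    $album->setCustomData(process_language_string_save($prefix . 'album_custom_data', 1));
    $album->save();
    // Move/Copy/Rename the album after saving.
    $movecopyrename_action = '';
    if (isset($_POST['a-' . $prefix . 'MoveCopyRename'])) {
        $movecopyrename_action = sanitize($_POST['a-' . $prefix . 'MoveCopyRename'], 3);
    }
    if ($movecopyrename_action == 'move') {
        // The destination folder is request data; sanitize_path() is the only
        // path filtering applied to it in this function.
        $dest = UTF8ToFileSystem(sanitize_path($_POST['a' . $prefix . '-albumselect'], 3));
        // Append the album name.
        $dest = ($dest ? $dest . '/' : '') . (strpos($album->name, '/') === FALSE ? $album->name : basename($album->name));
        if ($dest && $dest != $album->name) {
            if ($returnalbum = $album->moveAlbum($dest)) {
                // A slight hack to redirect to the new album after moving.
                $_GET['album'] = $returnalbum;
            } else {
                $notify .= "&mcrerr=1";
            }
        } else {
            // Cannot move album to same album.
        }
    } else {
        if ($movecopyrename_action == 'copy') {
            $dest = UTF8ToFileSystem(sanitize_path($_POST['a' . $prefix . '-albumselect'], 3));
            // Append the album name.
            $dest = ($dest ? $dest . '/' : '') . (strpos($album->name, '/') === FALSE ? $album->name : basename($album->name));
            if ($dest && $dest != $album->name) {
                if (!$album->copyAlbum($dest)) {
                    $notify .= "&mcrerr=1";
                }
            } else {
                // Cannot copy album to existing album.
                // Or, copy with rename?
            }
        } else {
            if ($movecopyrename_action == 'rename') {
                $renameto = UTF8ToFileSystem(sanitize_path($_POST['a' . $prefix . '-renameto'], 3));
                // A rename stays in the current folder: drop every path separator
                // from the posted name, then re-attach the album's own parent.
                $renameto = str_replace(array('/', '\\'), '', $renameto);
                if (dirname($album->name) != '.') {
                    $renameto = dirname($album->name) . '/' . $renameto;
                }
                if ($renameto != $album->name) {
                    if ($returnalbum = $album->renameAlbum($renameto)) {
                        // A slight hack to redirect to the new album after moving.
                        $_GET['album'] = $returnalbum;
                    } else {
                        $notify .= "&mcrerr=1";
                    }
                }
            }
        }
    }
    return $notify;
}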
예제 #14
 /**
  * Saves the posted "custom_data" language string onto an object.
  *
  * When $i is itself an object it is used as the target and the posted field
  * name gets no prefix; otherwise $i followed by '-' prefixes the field name
  * and $obj is the target. The incoming $custom value is not read: the result
  * of process_language_string_save() is what gets stored and returned.
  *
  * @param mixed $custom not read on input
  * @param mixed $i the target object, or the index used as field-name prefix
  * @param object $obj the target object when $i is an index
  * @return mixed the value handed to setCustomData()
  */
 static function custom_data($custom, $i, $obj = NULL)
 {
     if (is_object($i)) {
         $target = $i;
         $fieldPrefix = '';
     } else {
         $target = $obj;
         $fieldPrefix = $i . '-';
     }
     $saved = process_language_string_save($fieldPrefix . "custom_data", 1);
     $target->setCustomData($saved);
     return $saved;
 }
예제 #15
 /**
  * The generic field element save handler.
  *
  * The field's 'edit' entry selects where the new value comes from:
  * 'multilingual' reads a posted language string, 'function' delegates to the
  * field's own callable, and anything else (or no 'edit' entry) reads and
  * sanitizes a single posted value. An 'edit' entry that is NULL means the
  * field is not saved at all.
  *
  * @param object $obj passed through to the field's own save function
  * @param mixed $instance instance identifier used to build the posted field name
  * @param array $field field definition; 'edit', 'name' and 'function' are read
  * @return mixed the new value, or NULL when 'edit' is NULL or nothing was posted
  */
 protected static function _saveHandler($obj, $instance, $field)
 {
     $action = 'default';
     if (array_key_exists('edit', $field)) {
         $action = $field['edit'];
         if (is_null($action)) {
             return NULL;
         }
     }
     // Loose comparison, so a non-string 'edit' value is matched by PHP's == rules.
     if ($action == 'multilingual') {
         return process_language_string_save($instance . '-' . $field['name']);
     }
     if ($action == 'function') {
         // NOTE(review): the callable is taken from the field definition; this is
         // only safe while field definitions are code-defined. Confirm $field is
         // never assembled from request data.
         return call_user_func($field['function'], $obj, $instance, $field, 'save');
     }
     // Plain field: the posted key is "<name>" or "<name>_<instance>".
     $postKey = $field['name'] . (is_null($instance) ? '' : '_' . $instance);
     return isset($_POST[$postKey]) ? sanitize($_POST[$postKey]) : NULL;
 }
예제 #16
         if (empty($pwd)) {
             if (empty($_POST['imagepass'])) {
                 setOption('protected_image_password', NULL);
                 // clear the protected image password
             }
         } else {
             setOption('protected_image_password', $_zp_authority->passwordHash($newuser, $pwd));
         }
     } else {
         if (empty($notify)) {
             $notify = '?mismatch=image';
         } else {
             $notify = $fail;
         }
     }
     setOption('protected_image_hint', process_language_string_save('protected_image_hint', 3));
 }
 setOption('hotlink_protection', (int) isset($_POST['hotlink_protection']));
 setOption('use_lock_image', (int) isset($_POST['use_lock_image']));
 $st = sanitize($_POST['image_sorttype'], 3);
 if ($st == 'custom') {
     $st = unQuote(strtolower(sanitize($_POST['customimagesort'], 3)));
 }
 setOption('image_sorttype', $st);
 setOption('image_sortdirection', (int) isset($_POST['image_sortdirection']));
 setOption('auto_rotate', (int) isset($_POST['auto_rotate']));
 setOption('IPTC_encoding', sanitize($_POST['IPTC_encoding']));
 foreach ($_zp_exifvars as $key => $item) {
     setOption($key, (int) array_key_exists($key, $_POST));
 }
 $returntab = "&tab=image";